1// 2// CommonNISTKDF.c 3// CommonCrypto 4// 5// Created by Richard Murphy on 12/19/13. 6// Copyright (c) 2013 Platform Security. All rights reserved. 7// 8 9#include "CCCryptorTestFuncs.h" 10#include "testbyteBuffer.h" 11#include "testmore.h" 12 13static int verbose = 0; 14 15#if (CCNISTKDFTEST == 0) 16entryPoint(CommonNISTKDF,"CommonNISTKDF test") 17#else 18#include <CommonCrypto/CommonKeyDerivationSPI.h> 19 20typedef struct test_vector_t { 21 int testnum; 22 char *k1Str; 23 char *labelStr; // or fixedData 24 char *contextStr; 25 size_t result_len; 26 char *sha1_answer; 27 char *sha224_answer; 28 char *sha256_answer; 29 char *sha384_answer; 30 char *sha512_answer; 31} test_vector; 32 33static char * 34CCDigestName(CCDigestAlgorithm alg) { 35 switch(alg) { 36 case kCCDigestSHA1: return "SHA-1"; 37 case kCCDigestSHA224: return "SHA-224"; 38 case kCCDigestSHA256: return "SHA-256"; 39 case kCCDigestSHA384: return "SHA-384"; 40 case kCCDigestSHA512: return "SHA-512"; 41 } 42 return ""; 43} 44 45static int test_answer(CCDigestAlgorithm alg, test_vector *vector, size_t answer_len, void*answer) { 46 char *correct_answer = NULL; 47 switch(alg) { 48 case kCCDigestSHA1: correct_answer = vector->sha1_answer; break; 49 case kCCDigestSHA224: correct_answer = vector->sha224_answer; break; 50 case kCCDigestSHA256: correct_answer = vector->sha256_answer; break; 51 case kCCDigestSHA384: correct_answer = vector->sha384_answer; break; 52 case kCCDigestSHA512: correct_answer = vector->sha512_answer; break; 53 default: correct_answer = NULL; 54 } 55 byteBuffer answer_bb = bytesToBytes(answer, answer_len); 56 if(correct_answer == NULL || strcmp(correct_answer, "") == 0) { 57 diag("Returned Answer for Test (%d) for NistKDF-CTR-HMac-%s\n", vector->testnum, CCDigestName(alg)); 58 diag("\t\t\"%s\", // %s\n", bytesToHexString(answer_bb), CCDigestName(alg)); 59 return 1; 60 } 61 byteBuffer correct_answer_bb = hexStringToBytes((char *) correct_answer); 62 ok(bytesAreEqual(correct_answer_bb, answer_bb), "compare memory of answer"); 63 if(bytesAreEqual(correct_answer_bb, answer_bb) == 0) { 64 diag("Failed Test (%d) for NistKDF-CTR-HMac-%s\n", vector->testnum, CCDigestName(alg)); 65 printByteBuffer(correct_answer_bb, "Correct Answer"); 66 printByteBuffer(answer_bb, "Provided Answer"); 67 } 68 free(correct_answer_bb); 69 free(answer_bb); 70 return 1; 71} 72 73static int test_ctr_hmac_fixed_oneshot(CCDigestAlgorithm alg, test_vector *vector) { 74 uint8_t answer[vector->result_len]; 75 byteBuffer k1 = hexStringToBytes(vector->k1Str); 76 byteBuffer label = hexStringToBytes(vector->labelStr); 77 byteBuffer context = hexStringToBytes(vector->contextStr); 78 CCKeyDerivationHMac(kCCKDFAlgorithmCTR_HMAC_FIXED, alg, 0, k1->bytes, k1->len, NULL, 0, 79 label->bytes, label->len, 80 NULL, 0, NULL, 0, 81 answer, vector->result_len); 82 ok(test_answer(alg, vector, vector->result_len, answer), "check answer"); 83 free(k1); 84 free(label); 85 free(context); 86 return 1; 87} 88 89 90static int test_nistkdf_hmac(CCDigestAlgorithm alg) { 91 static test_vector vector_ctr_hmac[] = { 92 { // from published NIST KAT for PRF=SHA256, R=32, CTRLOCATION=Before Raw FixedData 93 1, 94 "dd1d91b7d90b2bd3138533ce92b272fbf8a369316aefe242e659cc0ae238afe0", // K1 95 "01322b96b30acd197979444e468e1c5c6859bf1b1cf951b7e725303e237e46b8"\ 96 "64a145fab25e517b08f8683d0315bb2911d80a0e8aba17f3b413faac", // Label/FixedData 97 "", // Context 98 16, // result_length 99 "cb2f32a1708b762bddb4ce6ae3c99f72", // SHA1 100 "f4bbe37ff89bfba838fbde108c1298e5", // SHA224 101 "10621342bfb0fd40046c0e29f2cfdbf0", // SHA256 102 "b8ede53b06a02d734c8f52abaf67e5d9", // SHA384 103 "6056854e0cd0b03a9026c42c1cd17de4", // SHA512 104 }, 105 { // from published NIST KAT for PRF=SHA224, R=32, CTRLOCATION=Before Raw FixedData 106 2, 107 "f5cb7cc6207f5920dd60155ddb68c3fbbdf5104365305d2c1abcd311", // K1 108 "4e5ac7539803da89581ee088c7d10235a10536360054b72b8e9f18f7"\ 109 "7c25af01019b290656b60428024ce01fccf49022d831941407e6bd27"\ 110 "ff9e2d28", // Label/FixedData 111 "", // Context 112 16, // result_length 113 "9a379dd1e18ecf2a00c1c9e4ca0f21e7", // SHA1 114 "0adbaab43edd532b560a322c84ac540e", // SHA224 115 "c571250d780cf51e6332713dfe84022b", // SHA256 116 "0d955e07d933eec54e8871c7fbceb2d3", // SHA384 117 "19c0c3c0c323efd19fa18f21830471e0", // SHA512 118 }, 119 { // from published NIST KAT for PRF=SHA1, R=32, CTRLOCATION=Before Raw FixedData 120 3, 121 "f7591733c856593565130975351954d0155abf3c", // K1 122 "8e347ef55d5f5e99eab6de706b51de7ce004f388"\ 123 "2889e259ff4e5cff102167a5a4bd711578d4ce17"\ 124 "dd9abe56e51c1f2df950e2fc812ec1b217ca08d6", // Label/FixedData 125 "", // Context 126 16, // result_length 127 "34fe44b0d8c41b93f5fa64fb96f00e5b", // SHA1 128 "6ea5f4643c111f2de3d7c4a4e9e23ae0", // SHA224 129 "2be4e09a1bd9c8c462205e3ecd9b9de2", // SHA256 130 "799b86a06a73ee08ba54151b219518a8", // SHA384 131 "f7d86befdde6d2353661995a6da53057", // SHA512 132 }, 133 { // from published NIST KAT for PRF=SHA384, R=32, CTRLOCATION=Before Raw FixedData 134 4, 135 "216ed044769c4c3908188ece61601af8"\ 136 "819c30f501d12995df608e06f5e0e607"\ 137 "ab54f542ee2da41906dfdb4971f20f9d", // K1 138 "638e9506a2c7be69ea346b84629a010c"\ 139 "0e225b7548f508162c89f29c1ddbfd70"\ 140 "472c2b58e7dc8aa6a5b06602f1c8ed49"\ 141 "48cda79c62708218e26ac0e2", // Label/FixedData 142 "", // Context 143 16, // result_length 144 "42f4c5206acb6fde73ee356a97069e10", // SHA1 145 "8a943715e5568f12b13430ee88d53e57", // SHA224 146 "155b48ca2900dc1043f3c973454d1097", // SHA256 147 "d4b144bb40c7cabed13963d7d4318e72", // SHA384 148 "8b32a1e63e3633032f2f9cc6159aea21", // SHA512 149 }, 150 { // from published NIST KAT for PRF=SHA512, R=32, CTRLOCATION=Before Raw FixedData 151 5, 152 "dd5dbd45593ee2ac139748e7645b450f"\ 153 "223d2ff297b73fd71cbcebe71d41653c"\ 154 "950b88500de5322d99ef18dfdd304282"\ 155 "94c4b3094f4c954334e593bd982ec614", // K1 156 "b50b0c963c6b3034b8cf19cd3f5c4ebe"\ 157 "4f4985af0c03e575db62e6fdf1ecfe4f"\ 158 "28b95d7ce16df85843246e1557ce95bb"\ 159 "26cc9a21974bbd2eb69e8355", // Label/FixedData 160 "", // Context 161 16, // result_length 162 "a63a98af96ca265d7033963e9e6ed86d", // SHA1 163 "7eca8b022660a1161c441239b9e63f1f", // SHA224 164 "7d178ea8448edcad7e14aa32eb84f022", // SHA256 165 "a68e8d4b7102e6c75e77c072294f54c7", // SHA384 166 "e5993bf9bd2aa1c45746042e12598155", // SHA512 167 }, 168 { // from published NIST KAT for PRF=SHA1, R=32, CTRLOCATION=Before Raw FixedData, length 320 169 6, 170 "eea784c3e3181af8348385456878a775c3a41708", // K1 171 "51d601ecb9cabb4c5cc6348983a1d243"\ 172 "44831812f6d3559399396418ff8824b7"\ 173 "eae36350bb40dd66ec0677f49b5f5ab9"\ 174 "805cb272562ed5c7ce0b30c9", // Label/FixedData 175 "", // Context 176 40, // result_length 177 "2fd6dc21e31cee812ae3738cea9f7c2a121c0a0f4b985b1d506eff72fde7fb6f0948c92a86b4b525", // SHA1 178 "2bc034e19979a8589be6c2c3eb20fb1dadd394b4cea3ce8d9621d0ccd40c852858dbd2c1a7628290", // SHA224 179 "9550a2395ea822cc16f4f041d21ebf1cf62204656291284cdacfa3c6b0c255cd5e93944771aa5648", // SHA256 180 "110066b403b2ab67198a2ba3a57868f87e322c3aad7e42d444ecf14174fbee5049b25f9d5aadfd7f", // SHA384 181 "b54833fd62e5d03cd678471174c3efc9b0a26a023724ab318b34b767f987d172e1e0fab0e48b0f82", // SHA512 182 }, 183 { // from published NIST KAT for PRF=SHA224, R=32, CTRLOCATION=Before Raw FixedData, length 320 184 7, 185 "6d4411ccfeca782ffc87ed9fc9163992d9e1cab24dea690b966b3231", // K1 186 "ee7967ddcaa6ddb242bbb2cee1fbf78632172d74f9bc0be645d52c19c7ee5b961ff6765432013372f693b7ca7f4489025fab6e599985c63e551e3733", // Label/FixedData 187 "", // Context 188 40, // result_length 189 "b3359f55651dd68ac85645b24908a15bdbb52be6d75673ecd5a4a14c4577c94e0c166e4cda7441f7", // SHA1 190 "221bb18f086c7396b73ecb68b20ce8ef61739a6db97b2ab8a3396722a93be1c759855a95de86d469", // SHA224 191 "438d0d10e935acc632168941eacd69d76bdf3f0270a49c793414f28c9cec29a081f2366b9e025987", // SHA256 192 "667d4d85cd8b08cf994296b1f5511c4c64da3f8e5c2daea23423d4750c99d2c39387c996f0b1c4cf", // SHA384 193 "3e3503794a770b9141c24e28ad52069cacf1cb9943b170999fab036674c6a56a1ec46bd621bb0191", // SHA512 194 }, 195 { // from published NIST KAT for PRF=SHA256, R=32, CTRLOCATION=Before Raw FixedData, length 320 196 8, 197 "9a6e83b91bd999737e577e449142dae05968e774b223c1185dc574da785c93cc", // K1 198 "4b5845c6737202632b2946c3579d9d4582b475dfa373945b0abc68c8f0daa36520179439086c6809aa182094453bc0bffef0dc2888b96295fcd6e442", // Label/FixedData 199 "", // Context 200 40, // result_length 201 "6245d8321bd5af6a96ace0f7367b3eb6de6e4cff1e83f58e33bc6f72ec6071fab0e5ea1b981e211e", // SHA1 202 "02daabf2c978cd4cec0a5730da4cffe505a7489c6c4b1f79b724d7b47429e8b5e09280c3aca62d70", // SHA224 203 "e90e3ed902a8eb1fc67823af534a2b48466bf2c5877dad0aadc7d6ff741d8f437b2e6d0031846960", // SHA256 204 "fe29134814802cf556b65b335a2350b58f634fe89bead19383670e55ec293e48f605895e51661947", // SHA384 205 "177fe6c90f460b18a62e3035c15bb35f7968ff6b2e431c56becbe3e83e7b3f1014d6154dbff103b5", // SHA512 206 }, 207 { // from published NIST KAT for PRF=SHA384, R=32, CTRLOCATION=Before Raw FixedData, length 320 208 9, 209 "0c5620f34aa7029f655a9eb9b051f13251d65bdf99d390b8f67898eb2216ec10bacb29358b895529db64fbfc942fd0ff", // K1 210 "6d8b8cdf7b699c0205c6feb4ac1839d3c436cf962f8575ee67ff20d69103c4aa93bb369d360980181e38c44215065c99a066946733ede23185183617", // Label/FixedData 211 "", // Context 212 40, // result_length 213 "8be493b61cfb17c9b07d946203ce6821e235b47e8929d06b666968f0660b3979b877dc9ccfbf5664", // SHA1 214 "0c82c5484d5ceddc3286a95849cd47d69d0d4ff5cdcf73f94c32c37d187ac33dbc0af3a4d34d67be", // SHA224 215 "f71a8f2ae10aebcffa80a43d113f05c8c5276a63ec6356b960ccb5cf8e2626bc2d540d04b8a6021c", // SHA256 216 "2857c7b4221a02b6717a1c67b1eeb64dcda8162284faae88466414b317e45457b5aaef5b5089722f", // SHA384 217 "83daadfab0823929bb358d1c650587e844a0bc9da9890da1694f14ce26c7eb8473d3ee07d0116561", // SHA512 218 }, 219 { // from published NIST KAT for PRF=SHA512, R=32, CTRLOCATION=Before Raw FixedData, length 320 220 10, 221 "46a65f2e432fe2aab26de24d1b9d39b44da270230f17844d44e249565a125f87a070b4b2eeac0b3a6c54acfc49ddc6360f59fe0e330e0605c61e85c5c27fe756", // K1 222 "b06a23e05945f96a293de59dc3db5972ca1fa00b4647ac38f753790335d5daeb2ffe09cf8924ac4e80b275ea4dbec53b9e2aaf90df0e6fd82ad69f7c", // Label/FixedData 223 "", // Context 224 40, // result_length 225 "0252c5b6e21f4de10b5f59d13b241c435b2b96cea07b2c45e1ec55eeeb9920c28a8eb889b2febf00", // SHA1 226 "3b63de00aacc5530280a99e92013525b1ed216ec9bb732734f469611f1ec3e6b065758ad9674611a", // SHA224 227 "dc68d700c478e6a1cf5f92952711c72ef7b4cd2d637bc63fa6249187a1326fd46eaea99fa3b7776c", // SHA256 228 "51eb9fb2f19253b9e236205dcb1c62e897dd7af387d54a9f466e71c63d9ea70a93f30bbb5f12a6bf", // SHA384 229 "04bbc4f93fb5c3589690798bf793c10bb726f87a4a2de93b8fdf6be8015abe156577119c5637ae71", // SHA512 230 }, 231 232 233 }; 234 int vector_size = sizeof (vector_ctr_hmac) / sizeof (test_vector); 235 if(verbose) diag("nistkdf_hmac LT Test\n"); 236 237 for(int i=0; i<vector_size; i++) { 238 ok(test_ctr_hmac_fixed_oneshot(alg, &vector_ctr_hmac[i]), "test one-shot with data less than blocksize"); 239 } 240 // test_size(di); 241 return 1; 242} 243 244int CommonNISTKDF(int argc, char *const *argv) 245{ 246 plan_tests(155); 247 if(verbose) diag("Starting nistkdf_hmac tests\n"); 248 ok(test_nistkdf_hmac(kCCDigestSHA1), "ccsha1_ltc_di"); 249 ok(test_nistkdf_hmac(kCCDigestSHA224), "ccsha224_ltc_di"); 250 ok(test_nistkdf_hmac(kCCDigestSHA256), "ccsha256_ltc_di"); 251 ok(test_nistkdf_hmac(kCCDigestSHA384), "ccsha384_ltc_di"); 252 ok(test_nistkdf_hmac(kCCDigestSHA512), "ccsha512_ltc_di"); 253 return 0; 254} 255#endif 256 257